Common Weakness Enumeration

CWE-918

Allowed

Server-Side Request Forgery (SSRF)

Abstraction: Base · Status: Incomplete

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

4646 vulnerabilities reference this CWE, most recent first.

GHSA-QXG5-MCMP-M3M9

Vulnerability from github – Published: 2024-11-13 00:30 – Updated: 2025-11-04 00:32
VLAI
Details

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts ([]), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-11168"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T22:15:14Z",
    "severity": "MODERATE"
  },
  "details": "The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren\u0027t IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.",
  "id": "GHSA-qxg5-mcmp-m3m9",
  "modified": "2025-11-04T00:32:03Z",
  "published": "2024-11-13T00:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11168"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/issues/103848"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/pull/103849"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/634ded45545ce8cbd6fd5d49785613dd7fa9b89e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550"
    },
    {
      "type": "WEB",
      "url": "https://github.com/python/cpython/commit/ddca2953191c67a12b1f19d6bca41016c6ae7132"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20250411-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-QXGF-HMCJ-3XW3

Vulnerability from github – Published: 2026-04-01 00:01 – Updated: 2026-04-06 22:46
VLAI
Summary
OpenClaw affected by SSRF via unguarded image download in fal provider
Details

Summary

The fal provider used raw fetches for both provider API traffic and returned image download URLs instead of the existing SSRF-guarded fetch path.

Impact

A malicious or compromised fal relay could make the gateway fetch internal URLs and expose metadata or internal service responses through the image pipeline.

Affected Component

extensions/fal/image-generation-provider.ts

Fixed Versions

  • Affected: <= 2026.3.24
  • Patched: >= 2026.3.28
  • Latest stable 2026.3.28 contains the fix.

Fix

Fixed by commit 80d1e8a11a (fal: guard image fetches).

OpenClaw thanks @AntAISecurityLab for reporting.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2026.3.24"
      },
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.3.28"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-34504"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-01T00:01:51Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "## Summary\n\nThe fal provider used raw fetches for both provider API traffic and returned image download URLs instead of the existing SSRF-guarded fetch path.\n\n## Impact\n\nA malicious or compromised fal relay could make the gateway fetch internal URLs and expose metadata or internal service responses through the image pipeline.\n\n## Affected Component\n\n`extensions/fal/image-generation-provider.ts`\n\n## Fixed Versions\n\n- Affected: `\u003c= 2026.3.24`\n- Patched: `\u003e= 2026.3.28`\n- Latest stable `2026.3.28` contains the fix.\n\n## Fix\n\nFixed by commit `80d1e8a11a` (`fal: guard image fetches`).\n\nOpenClaw thanks @AntAISecurityLab for reporting.",
  "id": "GHSA-qxgf-hmcj-3xw3",
  "modified": "2026-04-06T22:46:03Z",
  "published": "2026-04-01T00:01:51Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-qxgf-hmcj-3xw3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34504"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/commit/80d1e8a11a2ac118c7f7a70bba9c862b6141d928"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/releases/tag/v2026.3.28"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-server-side-request-forgery-via-unguarded-image-download-in-fal-provider"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw affected by SSRF via unguarded image download in fal provider"
}

GHSA-QXH8-5779-HG4R

Vulnerability from github – Published: 2025-10-01 06:30 – Updated: 2025-10-01 06:30
VLAI
Details

The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T04:15:59Z",
    "severity": "MODERATE"
  },
  "details": "The Block For Mailchimp \u2013 Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",
  "id": "GHSA-qxh8-5779-hg4r",
  "modified": "2025-10-01T06:30:22Z",
  "published": "2025-10-01T06:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10735"
    },
    {
      "type": "WEB",
      "url": "https://plugins.svn.wordpress.org/block-for-mailchimp/tags/1.1.9/mailchimp/API.php"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3368808%40block-for-mailchimp\u0026new=3368808%40block-for-mailchimp\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "type": "WEB",
      "url": "https://wordpress.org/plugins/block-for-mailchimp"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51de575f-d458-4a7d-bc57-4a11e5124377?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QXP5-VJRM-298X

Vulnerability from github – Published: 2024-11-18 09:31 – Updated: 2025-06-24 18:33
VLAI
Details

Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.

This issue affects Apache OFBiz: before 18.12.17.

Users are recommended to upgrade to version 18.12.17, which fixes the issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47208"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918",
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-18T09:15:06Z",
    "severity": "CRITICAL"
  },
  "details": "Server-Side Request Forgery (SSRF), Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.17.\n\nUsers are recommended to upgrade to version 18.12.17, which fixes the issue.",
  "id": "GHSA-qxp5-vjrm-298x",
  "modified": "2025-06-24T18:33:08Z",
  "published": "2024-11-18T09:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47208"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/OFBIZ-13158"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/022r19skfofhv3lzql33vowlrvqndh11"
    },
    {
      "type": "WEB",
      "url": "https://ofbiz.apache.org/download.html"
    },
    {
      "type": "WEB",
      "url": "https://ofbiz.apache.org/security.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/11/16/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R245-6W67-CJXX

Vulnerability from github – Published: 2024-11-09 09:30 – Updated: 2026-04-01 18:32
VLAI
Details

Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable Portfolio allows Server Side Request Forgery.This issue affects Responsive Filterable Portfolio: from n/a through 1.0.22.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-51785"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-09T09:15:06Z",
    "severity": "MODERATE"
  },
  "details": "Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable Portfolio allows Server Side Request Forgery.This issue affects Responsive Filterable Portfolio: from n/a through 1.0.22.",
  "id": "GHSA-r245-6w67-cjxx",
  "modified": "2026-04-01T18:32:18Z",
  "published": "2024-11-09T09:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51785"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/responsive-filterable-portfolio/vulnerability/wordpress-responsive-filterable-portfolio-plugin-1-0-22-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/responsive-filterable-portfolio/wordpress-responsive-filterable-portfolio-plugin-1-0-22-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R29W-R9PH-VM76

Vulnerability from github – Published: 2022-10-25 19:00 – Updated: 2022-10-31 15:41
VLAI
Summary
Apache XML Graphics Batik vulnerable to code execution via SVG.
Details

A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.xmlgraphics:batik"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-41704"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-10-25T23:10:27Z",
    "nvd_published_at": "2022-10-25T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.",
  "id": "GHSA-r29w-r9ph-vm76",
  "modified": "2022-10-31T15:41:18Z",
  "published": "2022-10-25T19:00:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/xmlgraphics-batik/commit/905f368b50c2567cf2c4869a0ab596a7b1b5125c"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/BATIK-1338"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00038.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202401-11"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5264"
    },
    {
      "type": "WEB",
      "url": "https://xmlgraphics.apache.org/security.html"
    },
    {
      "type": "WEB",
      "url": "http://svn.apache.org/repos/asf/xmlgraphics/batik/trunk"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/10/25/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache XML Graphics Batik vulnerable to code execution via SVG."
}

GHSA-R2CC-Q3JW-4VHV

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17
VLAI
Details

Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-22033"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-13T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.",
  "id": "GHSA-r2cc-q3jw-4vhv",
  "modified": "2022-05-24T19:17:24Z",
  "published": "2022-05-24T19:17:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22033"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-R2CX-CPFX-9H63

Vulnerability from github – Published: 2026-07-02 21:32 – Updated: 2026-07-02 21:32
VLAI
Details

LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service (importFromUrl) and topic cover update (fetchImageFromUrl) endpoints, which use the global fetch without the project's ssrf-safe-fetch wrapper. Attackers can target internal addresses such as cloud instance metadata endpoints through these unprotected code paths to disclose internal service responses and cloud credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-59095"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-07-02T20:17:07Z",
    "severity": "HIGH"
  },
  "details": "LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service (importFromUrl) and topic cover update (fetchImageFromUrl) endpoints, which use the global fetch without the project\u0027s ssrf-safe-fetch wrapper. Attackers can target internal addresses such as cloud instance metadata endpoints through these unprotected code paths to disclose internal service responses and cloud credentials.",
  "id": "GHSA-r2cx-cpfx-9h63",
  "modified": "2026-07-02T21:32:14Z",
  "published": "2026-07-02T21:32:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-59095"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lobehub/lobehub/issues/16536"
    },
    {
      "type": "WEB",
      "url": "https://github.com/lobehub/lobehub/pull/16601"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/lobechat-canary-18-ssrf-via-importfromurl-and-fetchimagefromurl"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R2HM-J6R3-88Q2

Vulnerability from github – Published: 2025-11-25 18:32 – Updated: 2025-11-25 18:32
VLAI
Details

NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-33203"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-25T18:15:52Z",
    "severity": "HIGH"
  },
  "details": "NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service.",
  "id": "GHSA-r2hm-j6r3-88q2",
  "modified": "2025-11-25T18:32:23Z",
  "published": "2025-11-25T18:32:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33203"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5726"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33203"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R2JQ-4H3X-RFJ6

Vulnerability from github – Published: 2026-04-28 06:30 – Updated: 2026-05-06 19:44
VLAI
Summary
BigSweetPotatoStudio HyperChat has a Server-Side Request Forgery issue
Details

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "@dadigua/hyperchat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.0.0-alpha.63"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-7223"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-918"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-06T19:44:30Z",
    "nvd_published_at": "2026-04-28T04:16:29Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request forgery. The attack can be launched remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.",
  "id": "GHSA-r2jq-4h3x-rfj6",
  "modified": "2026-05-06T19:44:30Z",
  "published": "2026-04-28T06:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7223"
    },
    {
      "type": "WEB",
      "url": "https://github.com/BigSweetPotatoStudio/HyperChat/issues/142"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/BigSweetPotatoStudio/HyperChat"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/802265"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/359823"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/359823/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "BigSweetPotatoStudio HyperChat has a Server-Side Request Forgery issue"
}

No mitigation information available for this CWE.

CAPEC-664: Server Side Request Forgery

An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.